github hasura/graphql-engine v2.49.3
on GitHub

8 hours ago

Changelog

This is a patch release for v2.49.

Bug fixes and improvements

Server

  • Added HASURA_GRAPHQL_DISABLE_EVENT_PROCESSING env var (and --disable-event-processing CLI flag) to stop the eventing background pollers — event triggers, scheduled events, the cron event generator, and async actions — without disabling the rest of the eventing subsystem. Unlike HASURA_GRAPHQL_DISABLE_EVENTING, source catalog migrations still run, so the eventing catalog tables are created on a fresh database. The cli-migrations v2 and v3 entrypoints now use this flag, fixing metadata apply failing on a fresh database when the metadata defines event triggers.

Data Connector

  • super-connector: upgraded redshift-jdbc42 (2.2.2), Netty (4.1.135.Final, including the copy shaded into the Athena JDBC driver), and the Quarkus platform (3.33.1.1, for quarkus-vertx-http) to remediate CRITICAL/HIGH CVEs flagged by the container image scan. (Enterprise/cloud only)

Build

  • Updated the Ubuntu base image of the graphql-engine Docker images to pull patched OS packages, fixing CVE-2026-45447 (openssl heap use-after-free in PKCS7_verify()) by upgrading openssl/libssl3 from 3.0.2-0ubuntu1.21 to 3.0.2-0ubuntu1.25.
Check out latest releases or
releases around hasura/graphql-engine v2.49.3

Don't miss a new graphql-engine release

NewReleases is sending notifications on new releases.

Get notifications